Let users configure a max actions per visit that should be recorded (available in TrackingSpamPrevention plugin) #16802
Labels
trackingspam
For issues related to receiving tracking requests from spammers and bots.
I think this could go into a new plugin similar to #16794 . The plugin could be called like "TrackingSpamProtection" or similar. Could include this in core or on the marketplace.
A new UI system setting be great that lets you configure a max number of actions per visit. By default unlimited actions would be allowed. If the plugin is installed through the marketplace we could maybe set a max value of 500 or so.
The thought is that for most websites it's unrealistic that say more than 100 actions per visit are performed (or more than 50 or more than 500 ...). To prevent spammers sending hundreds or thousands of requests for one visit, we would ignore any new tracking request once the configured limit has been reached. It should be as easy as comparing configured value with
visit_total_actions
and be very fast.As a result if a spamming attack happens, the DB will need less resources plus the data is not as messed up.
It should also be possible to have this setting set to "unlimited" actions per visit. We don't need to have this setting for now per site. We can always do this later (yes ideally it was per site). We should in the note mention though that this setting applies to all sites.
The text was updated successfully, but these errors were encountered: